No more typing reviews! Try our Samantha, our new voice AI agent.

Fortify Application Defender vs Fortra Tripwire IP360 comparison

The compared OpenText and Fortra solutions aren't in the same category. OpenText is ranked #25 in AS , with an average rating of 8.0, and holds a 1.3% mindshare in the category. Fortra is ranked #55 in VM , and holds a 0.6% mindshare. Additionally, 81% of OpenText users are willing to recommend the solution, compared to 60% of Fortra users who would recommend it.
Fortify Application Defender
Read 11 Fortify Application Defender reviews
  • 1,927 Views
  • 1,599 Comparison Views
81% willing to recommend
Fortra Tripwire IP360
Read 6 Fortra Tripwire IP360 reviews
  • 1,193 Views
  • 942 Comparison Views
60% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Fortify Application Defender and Fortra Tripwire IP360 based on real PeerSpot user reviews.

Find out what your peers are saying about SonarSource Sàrl, Veracode, Checkmarx and others in Application Security Tools.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Application Security Tools Report (Updated: April 2026).
Buyer's Guide
Application Security Tools
April 2026
Download the complete report
Helped 886,077 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortify Application Defender
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
11
Ranking in other categories
Application Security Tools (25th)
Fortra Tripwire IP360
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
Vulnerability Management (55th)
 

Mindshare comparison

Fortify Application Defender and Fortra Tripwire IP360 aren’t in the same category and serve different purposes. Fortify Application Defender is designed for Application Security Tools and holds a mindshare of 1.3%, up 0.6% compared to last year.
Fortra Tripwire IP360, on the other hand, focuses on Vulnerability Management, holds 0.6% mindshare, up 0.4% since last year.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Fortify Application Defender1.3%
SonarQube14.5%
Checkmarx One9.2%
Other75.0%
Application Security Tools
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Fortra Tripwire IP3600.6%
Wiz5.5%
Qualys VMDR4.4%
Other89.5%
Vulnerability Management
 

Featured Reviews

VS
VinothSivam
CTO at Abcl
Useful for fast code review in devOps pipelines
I rate the tool's scalability a seven out of ten. However, I'm concerned about how it handles an increasing number of lines of code. As the complexity grows, so does the time it takes for the tool to review everything. I want more clarity on how Fortify Application Defender handles multiple threats. We have numerous endpoints, but the tool runs in our pipeline, meaning it operates in the cloud. All our code is configured there, and the tool runs integration testing, unit testing, user testing, and final production code tests. It's a day-to-day experience. It's utilized almost every day as part of our pipeline runs. Each team responsible for integration testing, human testing, user access testing, and preproduction testing runs it whenever they take a build.
Read full review
Corey Cole - PeerSpot reviewer
Corey Cole
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The solution helped us to improve the code quality of our organization."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"We are able to provide our customers with a secure application after development; they are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"This is a great tool and the kind of support it provides is very helpful."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"Its ability to find security defects is valuable."
More Fortify Application Defender pros
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"We could manage our entire IP range with the solution."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"Tripwire IP360 is a very stable solution."
 

Cons

"Support for older compilers/IDEs is lacking."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The solution is quite expensive."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"The workbench is a little bit complex when you first start using it."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
More Fortify Application Defender cons
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"We would like to have better reporting capabilities and for them to be more granular."
"I am not very impressed by the technical support."
"The reporting functions can use improvement."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"We need to dedicate time and resources to keep it running."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"I am not very impressed by the technical support."
 

Pricing and Cost Advice

"The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."
"The product’s price is much higher than other tools."
"Fortify Application Defender is very expensive."
"I rate the solution's pricing a five out of ten. It comes as an annual cloud subscription. The tool's pricing is around 50 lakhs."
"The base licensing costs for the SaaS platform is about $900 USD per application, per year."
"The price of this solution could be less expensive."
"I believe the price compares well within the market."
"The product was expensive for us."
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
886,077 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Manufacturing Company
10%
Construction Company
7%
Computer Software Company
6%
Manufacturing Company
12%
Construction Company
10%
Comms Service Provider
8%
Energy/Utilities Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise8
No data available
 

Questions from the Community

What do you like most about Fortify Application Defender?
I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy.
See all answers
What needs improvement with Fortify Application Defender?
The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and...
See all answers
What is your primary use case for Fortify Application Defender?
We use the solution for fast code review. It is integrated into our DevOps pipeline.
See all answers
Ask a question
Earn 20 points
 

Comparisons

SonarQube vs Fortify Application Defender Logo
SonarQube vs Fortify Application Defender
Compared 11% of the time
Checkmarx One vs Fortify Application Defender Logo
Checkmarx One vs Fortify Application Defender
Compared 11% of the time
Veracode vs Fortify Application Defender Logo
Veracode vs Fortify Application Defender
Compared 6% of the time
Klocwork vs Fortify Application Defender Logo
Klocwork vs Fortify Application Defender
Compared 5% of the time
GitHub Advanced Security vs Fortify Application Defender Logo
GitHub Advanced Security vs Fortify Application Defender
Compared 4% of the time
More Fortify Application Defender Competitors
Tenable Nessus vs Fortra Tripwire IP360 Logo
Tenable Nessus vs Fortra Tripwire IP360
Compared 14% of the time
Checkmarx One vs Fortra Tripwire IP360 Logo
Checkmarx One vs Fortra Tripwire IP360
Compared 12% of the time
Tenable Security Center vs Fortra Tripwire IP360 Logo
Tenable Security Center vs Fortra Tripwire IP360
Compared 10% of the time
IBM Guardium Vulnerability Assessment vs Fortra Tripwire IP360 Logo
IBM Guardium Vulnerability Assessment vs Fortra Tripwire IP360
Compared 9% of the time
Acunetix vs Fortra Tripwire IP360 Logo
Acunetix vs Fortra Tripwire IP360
Compared 5% of the time
More Fortra Tripwire IP360 Competitors
 

Product Reports

Buyer's Guide
Application Security Tools
April 2026
Fortify Application Defender reportDownload Fortify Application Defender product report
Buyer's Guide
Fortra Tripwire IP360
April 2026
Fortra Tripwire IP360 reportDownload Fortra Tripwire IP360 product report
 

Also Known As

HPE Fortify Application Defender, Micro Focus Fortify Application Defender
IP360
 

Overview

Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.

OpenText

Tripwire IP360 is a powerful vulnerability management solution that identifies and prioritizes network vulnerabilities for remediation. It is highly effective in scanning devices and applications, improving security posture, ensuring compliance, and managing risks. 

Users value its detailed reporting, user-friendly interface, and seamless integration with other security tools for efficient security management.

Fortra
 

Sample Customers

ServiceMaster, Saltworks, SAP
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Buyer's Guide
Application Security Tools
April 2026
Download Free Report
Find out what your peers are saying about SonarSource Sàrl, Veracode, Checkmarx and others in Application Security Tools. Updated: April 2026.
DOWNLOAD NOW
886,077 professionals have used our research since 2012.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.